Open source rules the world!
Open-source software is everywhere.
All else being equal, having many people (including, for example, paid security researchers) able to review an application’s source code tends to make it more secure, not less.
The common open source licenses say nothing about needing to release the code for products that use open source libraries or software; we only have to give attribution. Only if we modify the code (for example, in the event we wanted to build a custom SCW version of a library or application) does the “copyleft” requirement apply.
The major open licenses are all irrevocable. Once a version of a tool or library has been released under an open license, that version is open source in perpetuity. It’s always possible that projects (especially corporate-backed ones) could go closed-source for future versions, but in that case it is very likely that someone will take the last open version and “fork” it off into a separate project. This has happened many times, e.g. LibreOffice from OpenOffice and MariaDB from MySQL.
The open source licenses apply to the code itself, not the data we use it on. Even if we did decide to release one of our own products as open source, there is no requirement at all to publish any data alongside it. Furthermore, because we can inspect the source code, we can assure ourselves of how safe a tool is; with closed-source tools we have to trust the developer’s word for it (or, at best, an external security audit). Open tools such as R, Python and PostgreSQL are in widespread use even with highly sensitive data (banks, governments, healthcare).
SAT // Open Source Intro // Prepared in June 2025